From 68ef4931cb8bcbc53c0d2b6078946d836da7b5d9 Mon Sep 17 00:00:00 2001 From: David Gibson Date: Wed, 28 Sep 2022 14:33:18 +1000 Subject: Clean up parsing in conf_runas() conf_runas() handles several of the different possible cases for the --runas argument in a slightly odd order. Although it can parse both numeric UIDs/GIDs and user/group names, it can't parse a numeric UID combined with a group name or vice versa. That's not obviously useful, but it's slightly surprising gap to have. Rework the parsing to be more systematic: first split the option into user and (optional) group parts, then separately parse each part as either numeric or a name. As a bonus this removes some clang-tidy warnings. While we're there also add cppcheck suppressions for getpwnam() and getgrnam(). It complains about those because they're not reentrant. passt is single threaded though, and is always likely to be during this initialization code, even if we multithread later. There were some existing suppressions for these in the cppcheck invocation but they're no longer up to date. Replace them with inline suppressions which, being next to the code, are more likely to stay correct. Signed-off-by: David Gibson Signed-off-by: Stefano Brivio --- Makefile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'Makefile') diff --git a/Makefile b/Makefile index 59967eb..e0933f3 100644 --- a/Makefile +++ b/Makefile @@ -282,12 +282,12 @@ cppcheck: $(SRCS) $(HEADERS) $(SYSTEM_INCLUDES:%=--config-exclude=%) \ $(SYSTEM_INCLUDES:%=--suppress=*:%/*) \ $(SYSTEM_INCLUDES:%=--suppress=unmatchedSuppression:%/*) \ + --inline-suppr \ --suppress=objectIndex:tcp.c --suppress=objectIndex:udp.c \ --suppress=va_list_usedBeforeStarted:util.c \ --suppress=unusedFunction \ --suppress=knownConditionTrueFalse:conf.c \ --suppress=strtokCalled:conf.c --suppress=strtokCalled:qrap.c \ - --suppress=getpwnamCalled:passt.c \ --suppress=localtimeCalled:pcap.c \ --suppress=unusedStructMember:pcap.c \ --suppress=funcArgNamesDifferent:util.h \ @@ -295,7 +295,6 @@ cppcheck: $(SRCS) $(HEADERS) \ --suppress=unmatchedSuppression:conf.c \ --suppress=unmatchedSuppression:dhcp.c \ - --suppress=unmatchedSuppression:passt.c \ --suppress=unmatchedSuppression:pcap.c \ --suppress=unmatchedSuppression:qrap.c \ --suppress=unmatchedSuppression:tcp.c \ -- cgit v1.2.3